Multi-Machine

The goal of this document is to give you enough technical specifics to configure and run the Drone in multi-machine mode. Once you complete this guide you will need to install one or many agents.

Prerequisites

Create an OAuth Application

Create a GitHub OAuth application. The Consumer Key and Consumer Secret are used to authorize access to Bitbucket resources. The Authorization callback URL must match the below format and path, and must use your exact server scheme and host.

Create a Shared Secret

Create a shared secret to authenticate communication between agents and your central Drone server. This shared secret is passed to both the server and agents using the DRONE_RPC_SECRET environment variable.

You can use openssl to generate a shared secret:

$ openssl rand -hex 16
bea26a2221fd8090ea38720fc445eca6

Download

The Drone server is distributed as a lightweight Docker image. The image is self-contained and does not have any external dependencies.

docker pull drone/drone:1.0.0-rc.1

Start the Server

The server container can be started with the below command. The container is configured through environment variables. For a full list of configuration parameters, please see the configuration reference.

Server Reference

This section provides additional explanation of the configuration variables used earlier in this document. This represents a subset of configuration parameters. For a full list please see the configuration reference.

DRONE_GITHUB_CLIENT_ID

A string containing your GitHub oauth Client ID.

DRONE_GITHUB_CLIENT_ID=05136e57d80189bef462

DRONE_GITHUB_CLIENT_SECRET

A string containing your GitHub oauth Client Secret.

DRONE_GITHUB_CLIENT_SECRET=7c229228a77d2cbddaa61ddc78d45e

DRONE_GITHUB_SERVER

A string contianer your GitHub server address. The default value is the official https://github.com server address.

DRONE_GITHUB_SERVER=https://github.com

DRONE_GIT_ALWAYS_AUTH

Boolean value configures Drone to authenticate when cloning public repositories. This is only required when your source code management system (e.g. GitHub Enterprise) has private mode enabled.

DRONE_GIT_ALWAYS_AUTH=false

DRONE_RPC_SECRET

Required string literal value provides the drone shared secret. This is used to authenticate the rpc connection to the server. The server and agent must be provided the same secret value.

DRONE_RPC_SECRET=9c3921e3e748aff725d2e16ef31fbc42

DRONE_SERVER_PROTO

A string containing your Drone server protocol scheme. This value should be set to http or https. This field defaults to https if you configure ssl or acme.

DRONE_SERVER_PROTO=https

DRONE_SERVER_HOST

A string containing your Drone server hostname or IP address.

DRONE_SERVER_HOST=drone.domain.com

DRONE_TLS_AUTOCERT

An boolean indicating debug level logs should be use for automatic SSL certification generation and configuration. The default value is false.

DRONE_TLS_AUTOCERT=false

Docker Reference

Publish

The server listens on standard http and https ports inside the container, which should be published on the host machine:

--publish=80:80
--publish=443:443

Volumes

Mount the Docker Socket

The server requires access to your host machine Docker socket. This is used to launch pipelines in Docker containers on the host machine. This is required if you are running Drone in single-machine mode.

--volume=/var/run/docker.sock:/var/run/docker.sock

Mount the Data Volume

The server creates a sqlite database and persists to a contianer volume at /data. To prevent dataloss, we recommend mounting the data volume to the host machine when using the default sqlite database.